load2.plumsy.dev - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 185.171.202.170, located in Paris, France and belongs to AS-DYJIX, FR. The main domain is load2.plumsy.dev.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.

This is the only time load2.plumsy.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.171.202.170 185.171.202.170	212815 (AS-DYJIX) (AS-DYJIX)
2	121.196.33.46 121.196.33.46	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
3	2

1 185.171.202.170 (Paris, France)

ASN212815 (AS-DYJIX, FR)
PTR: firewall.plumsy.dev

load2.plumsy.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.196.33.46 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

challenge.rivers.chaitin.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	chaitin.cn challenge.rivers.chaitin.cn	26 KB
1	plumsy.dev load2.plumsy.dev	1 KB
3	2

	Domain	Requested by
2	challenge.rivers.chaitin.cn	load2.plumsy.dev
1	load2.plumsy.dev
3	2

This site contains no links.

Subject Issuer	Validity	Valid
load1.plumsy.dev R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
*.rivers.chaitin.cn R3	`2024-04-29` - `2024-07-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://load2.plumsy.dev/
Frame ID: 53F0D90B294A2541D2963EB051836759
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

27 kB
Transfer

79 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response load2.plumsy.dev/	831 B 1 KB	135ms 24ms	Document text/html	185.171.202.170 AS-DYJIX
General Check archive.org Show headers Download Go to Full URL https://load2.plumsy.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.171.202.170 Paris, France, ASN212815 (AS-DYJIX, FR), Reverse DNS firewall.plumsy.dev Software Tengine / Resource Hash `fd83a5ea958861248ece38a800af2013c5a2446ad9026ba91007b2f7941c3de0` Request headers Accept-Language fr-FR,fr;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache, no-store content-length 831 content-type text/html date Mon, 10 Jun 2024 04:15:26 GMT server Tengine
GET H/1.1	200 OK	index.html Show response challenge.rivers.chaitin.cn/captcha/api/	656 B 655 B	2871ms 292ms	XHR text/html	121.196.33.46 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://challenge.rivers.chaitin.cn/captcha/api/index.html?0.9583996727066602 Requested by Host: load2.plumsy.dev URL: https://load2.plumsy.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 121.196.33.46 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.21.6 / Resource Hash `45018709835a62d94f35eea92b43c8c3554ed823a484a7ceacde1b352c63d315` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://load2.plumsy.dev/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 10 Jun 2024 04:15:29 GMT Content-Encoding gzip Server nginx/1.21.6 Transfer-Encoding chunked X-Ca-Trace 4cefa329-2a68-4b05-ab3e-05ba4b9056e7 Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive
GET H/1.1	200 OK	sdk.js Show response challenge.rivers.chaitin.cn/captcha/api/	77 KB 26 KB	1148ms 574ms	Script application/javascript	121.196.33.46 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Full URL https://challenge.rivers.chaitin.cn/captcha/api/sdk.js Requested by Host: load2.plumsy.dev URL: https://load2.plumsy.dev/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 121.196.33.46 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software nginx/1.21.6 / Resource Hash `49bfd15cace28687bcb3e8d276a63f97b06263078ade309cd26e378146bc49d0` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://load2.plumsy.dev/ Accept-Language fr-FR,fr;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Mon, 10 Jun 2024 04:15:30 GMT Content-Encoding gzip Last-Modified Wed, 15 May 2024 11:20:27 GMT Server nginx/1.21.6 Etag W/"66449a7b-134df" Transfer-Encoding chunked X-Ca-Trace de0b0cc8-e36d-4a34-b492-d5c851398a12 Content-Type application/javascript Cache-Control no-cache, no-store Connection keep-alive

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| captcha function| run

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			load2.plumsy.dev/	1970-01-20 21:14:39	Name: sl-session Value: V4VWbV7PZ2YBRMjwlYxUPw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenge.rivers.chaitin.cn
load2.plumsy.dev
121.196.33.46
185.171.202.170
45018709835a62d94f35eea92b43c8c3554ed823a484a7ceacde1b352c63d315
49bfd15cace28687bcb3e8d276a63f97b06263078ade309cd26e378146bc49d0
fd83a5ea958861248ece38a800af2013c5a2446ad9026ba91007b2f7941c3de0

load2.plumsy.dev Open in urlscan Pro 185.171.202.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

27 kBTransfer

79 kBSize

1 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

load2.plumsy.dev Open in urlscan Pro
185.171.202.170 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

27 kB
Transfer

79 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions